Описание
bindings/core/v8/V8DOMWrapper.h in Blink, as used in Google Chrome before 45.0.2454.101, does not perform a rethrow action to propagate information about a cross-context exception, which allows remote attackers to bypass the Same Origin Policy via a crafted HTML document containing an IFRAME element.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 45.0.2454.101-0ubuntu1.1201 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [45.0.2454.101-0ubuntu0.14.04.1.1099]] |
| precise | ignored | |
| trusty | released | 45.0.2454.101-0ubuntu0.14.04.1.1099 |
| trusty/esm | DNE | trusty was released [45.0.2454.101-0ubuntu0.14.04.1.1099] |
| upstream | released | 45.0.2454.101 |
| vivid | released | 45.0.2454.101-0ubuntu0.15.04.1.1183 |
| wily | released | 45.0.2454.101-0ubuntu1.1201 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1.9.5-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [1.9.5-0ubuntu0.14.04.1]] |
| precise | DNE | |
| trusty | released | 1.9.5-0ubuntu0.14.04.1 |
| trusty/esm | DNE | trusty was released [1.9.5-0ubuntu0.14.04.1] |
| upstream | released | 1.9.5 |
| vivid | released | 1.9.5-0ubuntu0.15.04.1 |
| wily | released | 1.9.5-0ubuntu1 |
Показывать по
7.5 High
CVSS2
Связанные уязвимости
bindings/core/v8/V8DOMWrapper.h in Blink, as used in Google Chrome before 45.0.2454.101, does not perform a rethrow action to propagate information about a cross-context exception, which allows remote attackers to bypass the Same Origin Policy via a crafted HTML document containing an IFRAME element.
bindings/core/v8/V8DOMWrapper.h in Blink, as used in Google Chrome before 45.0.2454.101, does not perform a rethrow action to propagate information about a cross-context exception, which allows remote attackers to bypass the Same Origin Policy via a crafted HTML document containing an IFRAME element.
bindings/core/v8/V8DOMWrapper.h in Blink, as used in Google Chrome bef ...
bindings/core/v8/V8DOMWrapper.h in Blink, as used in Google Chrome before 45.0.2454.101, does not perform a rethrow action to propagate information about a cross-context exception, which allows remote attackers to bypass the Same Origin Policy via a crafted HTML document containing an IFRAME element.
Уязвимость браузера Google Chrome, позволяющая нарушителю обойти существующие ограничения доступа
7.5 High
CVSS2